Privacy, security, and memory: an interview with Nick Carr

Ars talks about the political, cultural, and cognitive ramifications of cloud …

On Tuesday of last week, Ars Technica and Wired hosted an invitation-only Smart Salon event on cloud computing at San Francisco's Four Seasons. The roster of attendees and presenters was impressive, and the event featured headliners like author Nick Carr and Microsoft Chief Software Architect Ray Ozzie.

I had a chance to chat with Carr after the event, and our discussion ranged from regulatory challenges for cloud computing to the Web's deeper implications for how we read, write, and think. I've split the interview into two parts, with this first part focusing on the policy and cultural issues, and the second focusing on specific companies and technologies. I hope you enjoy the conversation as much as I did. Look for the second part tomorrow.

Privacy and security in the cloud

JS: The panel at the Smart Salon was focused on cloud reliability and security concerns, and other barriers to cloud adoption—policy and regulatory challenges, and that sort of thing. Is there an analog to any of this in the dawn of electricity generation as a public utility? Did people have a similar set of concerns?

NC: Security obviously comes out of the fact that with the cloud you're dealing with information, and that doesn't have an analog when you're talking about electric current, but certainly questions of reliability and dependability and control were very important in the move toward the utility model of electricity. And before that, when gas utilities began to take over lighting in place of candles, there were lots of safety issues because the gas tended to explode a lot.

So whenever you move to a central supply model there are always issues with the very nature of centralization and how problems can affect a whole lot of people or companies, instead of just companies individually when they're each creating whatever service there is.

JS: So then with the regulation question, my understanding of current utilities regulation is that it's based at least in part on some notion of a utility as a public good, which the government would like to guarantee or mandate some level of access to. But it seems like the initial cloud regulatory questions are about consumer protection.

NC: I think there are lots of facets of either actual or potential government regulation or action with the cloud, and one is, I think, the matter of access. The FCC has recently made it pretty clear that it wants to pursue universal broadband access, which is obviously related to the increasing importance of what's in the cloud, and to the communication and economic opportunities it offers. And so, similarly, with the original telephone system, where the government got involved and pushed the utilities to pursue universal service and in many cases used cross subsidies to get telephone service into rural areas, I think we're going to see more talk and thinking about that kind of issue—the universal access issue—for network computing as well. So I think there is that facet.

And then, as you said, most of the attention on the regulation front is about confidentiality and privacy, and protection of personal data. The way that's being regulated varies a great deal from country to country, and that adds a layer of complexity for the suppliers of cloud computing services, who have to toe the legal line in the different geographies.

JS: So how do you see that shaping up in the US, with regard to privacy?

So there's the possibility of a criminal breach that puts cloud information into the wrong hands, and then there's also the question of, will a cloud provider or a big social networking company push the limits too far, and suddenly force privacy up the public agenda.

NC: It's really hard to predict, because, generally speaking in the US—compared to Europe—there's been much more of a laissez faire attitude and fewer privacy controls. And my guess is that the big issue is whether there's some large-scale breach of privacy in the future that creates a big public outrage. If that happens, then I think government will get much more involved in this, and will begin to apply some laws and regulations about privacy from the top down.

On the other hand, if that doesn't happen, and concerns about privacy remain fairly sporadic, as they have been up until now, I think there's a fairly good chance that the government won't get heavily involved in questions of data security. I think it could go either way, depending on the events that happen and how they influence public attitude. It's a big question mark.

JS: With all of the laptop thefts and the data breaches that we've had, I'm trying to envision a category of events that would be sufficient in size to generate that kind of outrage. And the only thing that really occurs to me is healthcare records—if there was a major cloud data breach in the healthcare area. Can you think of another... I'm just trying to envision a concrete example of the scale of a privacy breach that's connected to the cloud that would spur this kind of action. Because we've had quite a few high-profile breaches... they kind of come with this numbing regularity.

NC: That's right. They do come with a numbing regularity, and they cross our attention span briefly, because even if the numbers seem to be large, the actual percentage of people affected seems to be quite small. So it never causes large-scale public outrage.

So I think there are two different aspects to the question. One is the criminal aspect—what happens if the bad guys get a huge amount of health or financial information, or whatever sensitive information. But there's also the aspect of changes in mores about privacy itself. Recently, for instance, Facebook's fairly determined effort to break down people's worries about privacy is an example of a company trying to push the limits, so far without huge repercussions—although what's happened in the past couple of weeks is a bigger reaction than Facebook has seen in the past.

So there's the possibility of a criminal breach that puts cloud information into the wrong hands, and then there's also the question of, will a cloud provider or a big social networking company push the limits too far, and suddenly force privacy up the public agenda. So far, neither of those things has happened in a way that really leads to government action, but there's nothing to say that that kind of scenario couldn't play out in the future.

Cloud, memory, capitalism, and The Shallows

JS: I'd like to talk a bit about your upcoming book, The Shallows, which I'm planning to read. My own background is that I'm a dangling humanities PhD in early church history and Christian origins. After Ken Fisher and I sold the company in May of 2008, I now just do Ars full-time, and after the first year of that I definitely noticed a pretty large change in my attention span. So at one point last year I deliberately started reading more offline, long-form content like books, because I felt like the quality of my writing and my thinking was so degraded by the information flow online. Reading some classic fiction and nonfiction has definitely helped me to feel sane again.

NC: I've had a very similar experience. When I wrote this new book, The Shallows, I definitely throttled back on my connectivity. I closed down my Facebook and Twitter accounts, and I tried to limit my checking of e-mail to a couple of times a day. And I did other things—I moved to a place where there was no cell phone connectivity or texting. And it definitely made a difference. You regain a certain calmness of mind that allows you to read a long book without hopping up every other page to check e-mail or do some Googling. I think it really underscored what I had begun to fear, which is that I and a lot of other people are really training our brains to skim and scan all the time, and along the way we're forgetting how to slow down and read or think deeply and be contemplative.

So that's really what the book is about—trying to look at my personal experience and that of others, and to look at both the history of human intellect as well as recent neuroscientific discoveries about how the brain adapts and how it works, and to use those things to shed light on what's going on.

The rich allusions that used to be considered the cornerstone of good writing have been transformed into easy links.

JS: You may talk about this in the book—I don't know—but Roland Barthes describes how, after the rise of print production as a business under capitalism, books began to be made with the assumption that they would be read or consumed only once; and then you move on and you read another book. Whereas, in previous eras, if anything was worth writing down or copying, then people sort of lived with the resulting texts and read them and reread them. Even personal correspondence was reread many times. But there was this shift in the print era, when books became a commodity, to this cultural conception of a book as something that you read one time. In other words, when the book becomes a commodity, a reader becomes a consumer. Barthes tries to draw out the implications of this shift for readers and writers, and how it affects the way that readers read and writers write.

So you had that dislocation with the printing press and the rise of print as a business, and now it seems that we're seeing a similar kind of dislocation going on, where we've moved from reading something deeply just once, to, like you said, a skim-and-scan practice. Everybody does this rapid reading thing. I know I do it, and all of our editors on the site are pretty well-trained... in fact, anybody who works in this space can read and digest a lot of information really rapidly, as long as it's written in a certain way. Sometimes, if you read a text that was obviously written under the presumption that your'e going to sit down and spend time with it, you just get annoyed because you want the writer to get to the point.

NC: That's right. And I talk a little bit about how those expectations on the part of readers inevitably begin to change the way writers write. The danger is that we lose a sense of literary experimentation, of taking chances, of trying to do new things, and we just fall back on a bland, utilitarian approach to writing that fits the way we prefer writing when we're surfing the Web, where, you're absolutely right—if you suddenly get an essay from Emerson or something, you're sort of like, "What the heck? This does not compute."

Any of these technological alterations in reading media also echo back and ultimately change the way people write, as well. And not necessarily always for the better.

JS: Yeah, I feel like I can almost tell when somebody starts writing online and they're fresh out of school, where they spent a lot of time with books. That shows in their writing—in the pace of it, in the references they make. They reach back into cultural memory for references instead of referring to something that's more lateral and ephemeral. It's a shame that we no longer reach backwards into cultural memory [as opposed to sideways], and that I certainly don't do that. Because it used to be a mark of good style—and I guess it still is, in some circles—to be able to reference, for instance, the Illiad. It's funny, because you have an infinite word count to play with, but you just don't have the time to work in an Illiad reference capably, and the reader doesn't have the time to process it or care about it.

NC: Yes, the rich allusions that used to be considered the cornerstone of good writing have been transformed into easy links.

JS: Pretty much. And it's an irony that the cloud is this giant pool of shared memory, and the way that we use it ends up being almost anti-mnemonic in a weird way. It sort of eats away at our cultural memory and at our individual recall.

NC: There's a chapter in the book called "Search Memory" that talks about that. I completely agree. I think that's exactly the danger we face here. Both personality and culture hinge on the development of a richly connected individual memory. And to the extent that we begin to see that as unnecessary because we have such easy access to so much information, I think leads to a less interesting culture as well as less distinctive personalities.